Re: [pve-devel] LDAP integration with G Suite?

[Victor Hooi]

*(Sending again with screenshots removed)*

Hi,

Aha, I am glad to know it's meant to work out of the box - I merely had
some concerns around support for LDAP certificate authentication (forum post
).
If I get this working, it would be good to get this added to the wiki
perhaps.

However, I'm not able to get it working.

I have verified with ldapsearch that I can successfully lookup users
against the Google Secure LDAP service:

$ LDAPTLS_REQCERT=allow LDAPTLS_CERT=Google_2022_05_22_3494.crt
LDAPTLS_KEY=Google_2022_05_22_3494.key ldapsearch -H ldaps://
ldap.google.com:636 -b dc=anguslab,dc=io '(uid=victorhooi)'
SASL/EXTERNAL authentication started
SASL username: st=California,c=US,ou=GSuite,cn=LDAP Client,l=Mountain
View,o=Google Inc.
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base  with scope subtree
# filter: (uid=victorhooi)
# requesting: ALL
#

# victorhooi, Users, anguslab.io
dn: uid=victorhooi,ou=Users,dc=anguslab,dc=io
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
uid: victorhooi
googleUid: victorhooi
posixUid: victorhooi
cn: victorhooi
cn: Victor Hooi
sn: Hooi
displayName: Victor Hooi
givenName: Victor
mail: victorh...@anguslab.io
memberOf: cn=chat-eng,ou=Groups,dc=anguslab,dc=io
memberOf: cn=drive-eng,ou=Groups,dc=anguslab,dc=io
memberOf: cn=gsuite-tses,ou=Groups,dc=anguslab,dc=io
memberOf: cn=meet-eng,ou=Groups,dc=anguslab,dc=io
uidNumber: 950057616
gidNumber: 950057616
homeDirectory: /home/victorhooi
loginShell: /bin/bash
gecos:

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

I then added a new LDAP authentication realm using pvesh like so:

# pvesh create /access/domains --realm gsuiteldap --type ldap --base_dn
dc=anguslab,dc=io --server1 ldap.google.com --port 636 --cert
/root/Google_2022_05_22_3494.crt --certkey /root/Google_2022_05_22_3494.key
--user_attr victorhooi

(I'm not sure about what I should set as the user_attr value - since it's
using certificate - but the command seemed to complete successfully).

I then added a user with the same username in the Proxmox Web UI:



I then logged out as "root", and tried to login as the new user. Oddly
enough - even when I selected the LDAP authentication realm - it's still
asking me for both a username and password. I would have thought it would
just be a username, and it'd somehow delegate to G Suite's SSO webpage?



Anyhow - even after I enter in my G Suite username and password, it still
does not work (Login failed. Please try again.).

Are there some logfiles to help troubleshoot what's going on? Or is there
some issue with the steps above?

Regards,
Victor

On Wed, May 22, 2019 at 4:38 PM Dominik Csapak  wrote:

> On 5/22/19 3:16 AM, Victor Hooi wrote:
> > Hi,
>
> Hi,
>
> >
> > I'm interested in getting Proxmox's LDAP integrated with the Secure LDAP
> > feature from G Suite.
> >
> > Does anybody know how difficult this would be, or what would be involved?
>
> As far as i can see from their guide[0], this should generally work
> out of the box if you add an ldap realm in pve with the provided
> credentials/login data.
>
> You still have to add the specific users to pve by hand (as with all
> realms) and assign permissions to them.
>
> >
> > Is there any provision for some kind of feature bounty with the Proxmox
> > team, which we could contribute to?
>
> Not that i know of, but patches are always welcome :)
>
> >
> > Regards,
> > Victor
>
> I hope i could help
>
> Regards, Dominik
>
> 0: https://support.google.com/a/answer/9089736
>
> ___
> pve-devel mailing list
> pve-devel@pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] Roadmap - improved SDN support

[Alexandre DERUMIER]

Hi,

I'm working on it.

The main idea is to be able to define bridge/network at datacenter level,
then deploy them to hosts and manage dynamic network reloading.

Theses bridge network will support vlan but also vxlan.
(I'll try to finish this for proxmox6)

Then I'm working to implement vxlan with bgp evpn too (with anycast routing, 
full layer3 distributed vm network), to have a full sdn,
with routing through frr.

When it'll be done, I think it'll be possible to add more services on top on 
theses networks (dhcp server, nat,).


Do you have a special need with sdn?


- Mail original -
De: "Naumann, Thomas" 
À: "pve-devel" 
Envoyé: Mardi 21 Mai 2019 08:46:51
Objet: [pve-devel] Roadmap - improved SDN support

Hi, 

there is an extra point "improved SDN support" under roadmap in 
official proxmox-wiki. Who can give a hint what this means in detail? 
-- 
Thomas Naumann 

Abteilung Netze und Kommunikation 
Otto-von-Guericke Universität Magdeburg 
Universitätsrechenzentrum 
Universitätsplatz 2 
39106 Magdeburg 

fon: +49 391 67-58563 
email: thomas.naum...@ovgu.de 
___ 
pve-devel mailing list 
pve-devel@pve.proxmox.com 
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 

___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH 3/4] cherry-pick crypto changes

[Fabian Grünbichler]

for compatibility with existing Corosync 2.x auth keys

Signed-off-by: Fabian Grünbichler 
---
 patches/0001-cherry-pick-crypto-patches.patch | 148 ++
 patches/series|   1 +
 2 files changed, 149 insertions(+)
 create mode 100644 patches/0001-cherry-pick-crypto-patches.patch
 create mode 100644 patches/series

diff --git a/patches/0001-cherry-pick-crypto-patches.patch 
b/patches/0001-cherry-pick-crypto-patches.patch
new file mode 100644
index 000..eb279eb
--- /dev/null
+++ b/patches/0001-cherry-pick-crypto-patches.patch
@@ -0,0 +1,148 @@
+From  Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= 
+Date: Wed, 22 May 2019 14:11:59 +0200
+Subject: [PATCH kronosnet] cherry-pick crypto patches
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+for compatibility with Corosync 2.x key files
+
+Signed-off-by: Fabian Grünbichler 
+---
+ .../crypto-remove-libnss-3des-support.patch   | 74 +++
+ ...e-minimum-crypto-key-size-to-1024bit.patch | 35 +
+ debian/patches/series |  2 +
+ 3 files changed, 111 insertions(+)
+ create mode 100644 debian/patches/crypto-remove-libnss-3des-support.patch
+ create mode 100644 
debian/patches/reduce-minimum-crypto-key-size-to-1024bit.patch
+
+diff --git a/debian/patches/crypto-remove-libnss-3des-support.patch 
b/debian/patches/crypto-remove-libnss-3des-support.patch
+new file mode 100644
+index 000..c8d1123
+--- /dev/null
 b/debian/patches/crypto-remove-libnss-3des-support.patch
+@@ -0,0 +1,74 @@
++From: "Fabio M. Di Nitto" 
++Date: Thu, 11 Apr 2019 13:36:56 +0200
++Subject: [crypto] remove libnss 3des support
++
++Signed-off-by: Fabio M. Di Nitto 
++(cherry picked from commit acb5adb7f3ea6eaaf858d86e064a9b3fe477ea11)
++---
++ libknet/libknet.h|  2 +-
++ libknet/crypto_nss.c | 14 --
++ 2 files changed, 5 insertions(+), 11 deletions(-)
++
++diff --git a/libknet/libknet.h b/libknet/libknet.h
++index 0331b1f..d0c90e4 100644
++--- a/libknet/libknet.h
+ b/libknet/libknet.h
++@@ -617,7 +617,7 @@ struct knet_handle_crypto_cfg {
++  * It can be set to "none" to disable
++  * encryption.
++  * Currently supported by "nss" model:
++- * "3des", "aes128", "aes192" and "aes256".
+++ * "aes128", "aes192" and "aes256".
++  * "openssl" model supports more modes and it 
strictly
++  * depends on the openssl build. See: 
EVP_get_cipherbyname
++  * openssl API call for details.
++diff --git a/libknet/crypto_nss.c b/libknet/crypto_nss.c
++index 35afa0f..a17ff62 100644
++--- a/libknet/crypto_nss.c
+ b/libknet/crypto_nss.c
++@@ -64,32 +64,28 @@ enum nsscrypto_crypt_t {
++  CRYPTO_CIPHER_TYPE_NONE = 0,
++  CRYPTO_CIPHER_TYPE_AES256 = 1,
++  CRYPTO_CIPHER_TYPE_AES192 = 2,
++- CRYPTO_CIPHER_TYPE_AES128 = 3,
++- CRYPTO_CIPHER_TYPE_3DES = 4
+++ CRYPTO_CIPHER_TYPE_AES128 = 3
++ };
++ 
++ CK_MECHANISM_TYPE cipher_to_nss[] = {
++  0,  /* CRYPTO_CIPHER_TYPE_NONE */
++  CKM_AES_CBC_PAD,/* CRYPTO_CIPHER_TYPE_AES256 */
++  CKM_AES_CBC_PAD,/* CRYPTO_CIPHER_TYPE_AES192 */
++- CKM_AES_CBC_PAD,/* CRYPTO_CIPHER_TYPE_AES128 */
++- CKM_DES3_CBC_PAD/* CRYPTO_CIPHER_TYPE_3DES */
+++ CKM_AES_CBC_PAD /* CRYPTO_CIPHER_TYPE_AES128 */
++ };
++ 
++ size_t nsscipher_key_len[] = {
++  0,  /* CRYPTO_CIPHER_TYPE_NONE */
++  AES_256_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES256 */
++  AES_192_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES192 */
++- AES_128_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES128 */
++- 24  /* CRYPTO_CIPHER_TYPE_3DES */
+++ AES_128_KEY_LENGTH  /* CRYPTO_CIPHER_TYPE_AES128 */
++ };
++ 
++ size_t nsscypher_block_len[] = {
++  0,  /* CRYPTO_CIPHER_TYPE_NONE */
++  AES_BLOCK_SIZE, /* CRYPTO_CIPHER_TYPE_AES256 */
++  AES_BLOCK_SIZE, /* CRYPTO_CIPHER_TYPE_AES192 */
++- AES_BLOCK_SIZE, /* CRYPTO_CIPHER_TYPE_AES128 */
++- 0   /* CRYPTO_CIPHER_TYPE_3DES */
+++ AES_BLOCK_SIZE  /* CRYPTO_CIPHER_TYPE_AES128 */
++ };
++ 
++ /*
++@@ -155,8 +151,6 @@ static int nssstring_to_crypto_cipher_type(const char* 
crypto_cipher_type)
++  return CRYPTO_CIPHER_TYPE_AES192;
++  } else if (strcmp(crypto_cipher_type, "aes128") == 0) {
++  return CRYPTO_CIPHER_TYPE_AES128;
++- } else if (strcmp(crypto_cipher_type, "3des") == 0) {
++- return CRYPTO_CIPHER_TYPE_3DES;
++  }
++  

[pve-devel] [PATCH corosync-pve 09/10] add patches for Corosync 3.x

[Fabian Grünbichler]

some minor cherry-picks, and two big series:
- crypto compatibility for upgrading from Corosync 2.x
- cpg callback merging for joinlists

Signed-off-by: Fabian Grünbichler 
---
 ...-cfgtool-Improve-link-status-display.patch | 166 
 ...-Revert-init-Enable-StopWhenUnneeded.patch |  63 ++
 patches/0007-add-crypto-patches.patch | 404 +
 patches/0008-CPG-callback-merging.patch   | 858 ++
 patches/series|   4 +
 5 files changed, 1495 insertions(+)
 create mode 100644 patches/0005-cfgtool-Improve-link-status-display.patch
 create mode 100644 patches/0006-Revert-init-Enable-StopWhenUnneeded.patch
 create mode 100644 patches/0007-add-crypto-patches.patch
 create mode 100644 patches/0008-CPG-callback-merging.patch

diff --git a/patches/0005-cfgtool-Improve-link-status-display.patch 
b/patches/0005-cfgtool-Improve-link-status-display.patch
new file mode 100644
index 000..d6782f7
--- /dev/null
+++ b/patches/0005-cfgtool-Improve-link-status-display.patch
@@ -0,0 +1,166 @@
+From  Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= 
+Date: Wed, 22 May 2019 12:24:45 +0200
+Subject: [PATCH] cfgtool: Improve link status display
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry-picked from upstream master
+
+Signed-off-by: Fabian Grünbichler 
+---
+ .../cfgtool-Improve-link-status-display.patch | 134 ++
+ debian/patches/series |   1 +
+ 2 files changed, 135 insertions(+)
+ create mode 100644 debian/patches/cfgtool-Improve-link-status-display.patch
+
+diff --git a/debian/patches/cfgtool-Improve-link-status-display.patch 
b/debian/patches/cfgtool-Improve-link-status-display.patch
+new file mode 100644
+index ..93ee9937
+--- /dev/null
 b/debian/patches/cfgtool-Improve-link-status-display.patch
+@@ -0,0 +1,134 @@
++From: Christine Caulfield 
++Date: Tue, 22 Jan 2019 10:06:29 +
++Subject: cfgtool: Improve link status display
++
++Now show the nodeids properly, rather than node indexes which were
++annoying and unhelpful.
++
++Signed-off-by: Christine Caulfield 
++Reviewed-by: Jan Friesse 
++(cherry picked from commit c0d14485c3ebdeb2332f7c48acd155163e5b7fc1)
++---
++ tools/Makefile.am|  2 +-
++ tools/corosync-cfgtool.c | 56 
++--
++ 2 files changed, 55 insertions(+), 3 deletions(-)
++
++diff --git a/tools/Makefile.am b/tools/Makefile.am
++index 7a9ab04..0793884 100644
++--- a/tools/Makefile.am
+ b/tools/Makefile.am
++@@ -58,7 +58,7 @@ corosync-blackbox: corosync-blackbox.sh
++ 
++ corosync_cmapctl_LDADD   = $(LIBQB_LIBS) $(top_builddir)/lib/libcmap.la
++ 
++-corosync_cfgtool_LDADD   = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la
+++corosync_cfgtool_LDADD   = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la 
$(top_builddir)/lib/libcmap.la
++ 
++ corosync_cpgtool_LDADD   = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la \
++$(top_builddir)/lib/libcpg.la
++diff --git a/tools/corosync-cfgtool.c b/tools/corosync-cfgtool.c
++index c138085..ed29694 100644
++--- a/tools/corosync-cfgtool.c
+ b/tools/corosync-cfgtool.c
++@@ -50,6 +50,7 @@
++ #include 
++ #include 
++ #include 
+++#include 
++ 
++ #define cs_repeat(result, max, code) \
++  do {\
++@@ -75,16 +76,33 @@ enum user_action {
++  ACTION_KILL_NODE,
++ };
++ 
+++static int node_compare(const void *aptr, const void *bptr)
+++{
+++ uint32_t a,b;
+++
+++ a = *(uint32_t *)aptr;
+++ b = *(uint32_t *)bptr;
+++
+++ return a > b;
+++}
+++
++ static int
++ linkstatusget_do (char *interface_name, int brief)
++ {
++  cs_error_t result;
++  corosync_cfg_handle_t handle;
+++ cmap_handle_t cmap_handle;
++  unsigned int interface_count;
++  char **interface_names;
++  char **interface_status;
+++ uint32_t nodeid_list[KNET_MAX_HOST];
+++ char iter_key[CMAP_KEYNAME_MAXLEN];
++  unsigned int i;
+++ cmap_iter_handle_t iter;
++  unsigned int nodeid;
+++ unsigned int node_pos;
+++ cmap_value_types_t type;
+++ size_t value_len;
++  int rc = 0;
++  int len, s = 0, t;
++ 
++@@ -95,6 +113,37 @@ linkstatusget_do (char *interface_name, int brief)
++  exit (1);
++  }
++ 
+++ result = cmap_initialize (_handle);
+++ if (result != CS_OK) {
+++ printf ("Could not initialize corosync cmap API error %d\n", 
result);
+++ exit (1);
+++ }
+++ /* Get a list of nodes. We do it this way rather than using votequorum 
as cfgtool
+++  * needs to be independent of quorum type
+++  */
+++ result = cmap_iter_init(cmap_handle, "nodelist.node.", );
+++ if (result != CS_OK) {
+++ printf ("Could not get nodelist from cmap. error %d\n", result);
+++ 

[pve-devel] [PATCH corosync-pve 05/10] rebase patches

[Fabian Grünbichler]

and drop those that were applied upstream.

Signed-off-by: Fabian Grünbichler 
---
 ...1-add-Provides-Replaces-corosync-pve.patch |   6 +-
 ...-don-t-install-default-corosync.conf.patch | 228 +-
 ...-Switch-to-Debhelper-compat-level-11.patch |  70 ---
 ...pt.patch => 0003-remove-init-script.patch} |  10 +-
 ...postinst-for-restart-on-dist-upgrad.patch} |   0
 ...rt-after-package-upgrade-is-complete.patch |  27 --
 ...bcorosync4-pve-transitional-package.patch} |   6 +-
 ...art-corosync.service-if-conf-exists.patch} |  14 +-
 ...h => 0007-bsys-disable-augeas-tools.patch} |  50 ++-
 ...y-and-problematic-corosync-qdevice.i.patch |  72 
 ...lients-about-left-nodes-during-pause.patch | 401 --
 ...-control-bump-versioned-b-d-on-libqb.patch |  23 -
 patches/series|  15 +-
 13 files changed, 157 insertions(+), 765 deletions(-)
 delete mode 100644 
patches/0003-Revert-Switch-to-Debhelper-compat-level-11.patch
 rename patches/{0005-remove-init-script.patch => 
0003-remove-init-script.patch} (95%)
 rename 
patches/{0006-add-corosync-pve-postinst-for-restart-on-dist-upgrad.patch => 
0004-add-corosync-pve-postinst-for-restart-on-dist-upgrad.patch} (100%)
 delete mode 100644 patches/0004-restart-after-package-upgrade-is-complete.patch
 rename patches/{0007-add-libcorosync4-pve-transitional-package.patch => 
0005-add-libcorosync4-pve-transitional-package.patch} (88%)
 rename patches/{0008-only-start-corosync.service-if-conf-exists.patch => 
0006-only-start-corosync.service-if-conf-exists.patch} (83%)
 rename patches/{0012-bsys-disable-augeas-tools.patch => 
0007-bsys-disable-augeas-tools.patch} (67%)
 delete mode 100644 
patches/0009-remove-unecessary-and-problematic-corosync-qdevice.i.patch
 delete mode 100644 
patches/0010-cpg-Inform-clients-about-left-nodes-during-pause.patch
 delete mode 100644 patches/0011-d-control-bump-versioned-b-d-on-libqb.patch

diff --git a/patches/0001-add-Provides-Replaces-corosync-pve.patch 
b/patches/0001-add-Provides-Replaces-corosync-pve.patch
index 5601724..1998838 100644
--- a/patches/0001-add-Provides-Replaces-corosync-pve.patch
+++ b/patches/0001-add-Provides-Replaces-corosync-pve.patch
@@ -12,10 +12,10 @@ Signed-off-by: Fabian Grünbichler 

  1 file changed, 7 insertions(+)
 
 diff --git a/debian/control b/debian/control
-index e105b0b2..8a2ed29e 100644
+index 8a0855ce..d5e2513a 100644
 --- a/debian/control
 +++ b/debian/control
-@@ -44,6 +44,11 @@ X-Common-Description: The Corosync Cluster Engine is a 
Group Communication
+@@ -43,6 +43,11 @@ X-Common-Description: The Corosync Cluster Engine is a 
Group Communication
* A quorum system that notifies applications when quorum is achieved
  or lost.
  
@@ -26,7 +26,7 @@ index e105b0b2..8a2ed29e 100644
 +
  Package: corosync
  Architecture: any
- Pre-Depends: ${misc:Pre-Depends}
+ Pre-Depends:
 @@ -52,6 +57,8 @@ Depends: ${shlibs:Depends},
   lsb-base (>= 3.0-6),
   adduser,
diff --git a/patches/0002-don-t-install-default-corosync.conf.patch 
b/patches/0002-don-t-install-default-corosync.conf.patch
index 2e5a72c..e668016 100644
--- a/patches/0002-don-t-install-default-corosync.conf.patch
+++ b/patches/0002-don-t-install-default-corosync.conf.patch
@@ -1,6 +1,6 @@
 From  Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= 
-Date: Tue, 7 Mar 2017 13:32:02 +0100
+Date: Wed, 22 May 2019 11:14:01 +0200
 Subject: [PATCH] don't install default corosync.conf
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@@ -8,136 +8,120 @@ Content-Transfer-Encoding: 8bit
 
 Signed-off-by: Fabian Grünbichler 
 ---
- debian/corosync.conf| 111 
- debian/corosync.install |   1 -
- 2 files changed, 112 deletions(-)
- delete mode 100644 debian/corosync.conf
+ .../Make-the-example-config-valid.patch   | 64 ---
+ debian/corosync.install   |  2 +-
+ debian/patches/series |  1 -
+ debian/rules  |  3 -
+ 4 files changed, 1 insertion(+), 69 deletions(-)
+ delete mode 100644 debian/patches/Make-the-example-config-valid.patch
 
-diff --git a/debian/corosync.conf b/debian/corosync.conf
+diff --git a/debian/patches/Make-the-example-config-valid.patch 
b/debian/patches/Make-the-example-config-valid.patch
 deleted file mode 100644
-index 0322..
 a/debian/corosync.conf
+index 5c2182f7..
+--- a/debian/patches/Make-the-example-config-valid.patch
 +++ /dev/null
-@@ -1,111 +0,0 @@
--# Please read the corosync.conf.5 manual page
--totem {
--  version: 2
+@@ -1,64 +0,0 @@
+-From: =?utf-8?q?Ferenc_W=C3=A1gner?= 
+-Date: Sun, 16 Dec 2018 22:51:46 +0100
+-Subject: Make the example config valid
 -
--  # Corosync itself works without a cluster name, but DLM needs one.
--  # The cluster name is also written into the VG metadata of newly
--  # created shared LVM volume groups, if 

[pve-devel] [PATCH corosync-pve 06/10] build: drop transitional packages

[Fabian Grünbichler]

corosync-pve and libcorosync4-pve, which were introduced as part of the
PVE 4.x -> PVE 5.x upgrade

Signed-off-by: Fabian Grünbichler 
---
 Makefile  |  5 +--
 ...1-add-Provides-Replaces-corosync-pve.patch | 38 ---
 ...don-t-install-default-corosync.conf.patch} |  0
 ...pt.patch => 0002-remove-init-script.patch} |  0
 ...art-corosync.service-if-conf-exists.patch} | 22 +--
 ...-postinst-for-restart-on-dist-upgrad.patch | 32 
 ...h => 0004-bsys-disable-augeas-tools.patch} |  2 +-
 ...ibcorosync4-pve-transitional-package.patch | 29 --
 patches/series| 11 ++
 9 files changed, 15 insertions(+), 124 deletions(-)
 delete mode 100644 patches/0001-add-Provides-Replaces-corosync-pve.patch
 rename patches/{0002-don-t-install-default-corosync.conf.patch => 
0001-don-t-install-default-corosync.conf.patch} (100%)
 rename patches/{0003-remove-init-script.patch => 
0002-remove-init-script.patch} (100%)
 rename patches/{0006-only-start-corosync.service-if-conf-exists.patch => 
0003-only-start-corosync.service-if-conf-exists.patch} (80%)
 delete mode 100644 
patches/0004-add-corosync-pve-postinst-for-restart-on-dist-upgrad.patch
 rename patches/{0007-bsys-disable-augeas-tools.patch => 
0004-bsys-disable-augeas-tools.patch} (98%)
 delete mode 100644 patches/0005-add-libcorosync4-pve-transitional-package.patch

diff --git a/Makefile b/Makefile
index 786abba..ea74c94 100644
--- a/Makefile
+++ b/Makefile
@@ -9,16 +9,13 @@ CSSRC=corosync_${CSVERSION}.orig.tar.gz
 ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH)
 GITVERSION:=$(shell git rev-parse HEAD)
 
-MAIN_DEB=corosync-pve_${CSVERSION}-${CSRELEASE}_all.deb
+MAIN_DEB=corosync_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 OTHER_DEBS=\
-libcorosync4-pve_${CSVERSION}-${CSRELEASE}_all.deb \
-corosync_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-notifyd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-qdevice_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-qnetd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-doc_${CSVERSION}-${CSRELEASE}_all.deb \
-corosync-dev_${CSVERSION}-${CSRELEASE}_all.deb \
 libcfg6_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcmap4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcorosync-common4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
diff --git a/patches/0001-add-Provides-Replaces-corosync-pve.patch 
b/patches/0001-add-Provides-Replaces-corosync-pve.patch
deleted file mode 100644
index 1998838..000
--- a/patches/0001-add-Provides-Replaces-corosync-pve.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From  Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= 
-Date: Tue, 7 Mar 2017 13:29:31 +0100
-Subject: [PATCH] add Provides/Replaces: corosync-pve
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Fabian Grünbichler 

- debian/control | 7 +++
- 1 file changed, 7 insertions(+)
-
-diff --git a/debian/control b/debian/control
-index 8a0855ce..d5e2513a 100644
 a/debian/control
-+++ b/debian/control
-@@ -43,6 +43,11 @@ X-Common-Description: The Corosync Cluster Engine is a 
Group Communication
-   * A quorum system that notifies applications when quorum is achieved
- or lost.
- 
-+Package: corosync-pve
-+Architecture: all
-+Depends: corosync (= ${binary:Version})
-+Description: Transitional package.
-+
- Package: corosync
- Architecture: any
- Pre-Depends:
-@@ -52,6 +57,8 @@ Depends: ${shlibs:Depends},
-  lsb-base (>= 3.0-6),
-  adduser,
-  xsltproc
-+Provides: corosync-pve (= ${binary:Version})
-+Replaces: corosync-pve (<< 2.4.2-2)
- Description: cluster engine daemon and utilities
-  ${S:X-Common-Description}
-  .
diff --git a/patches/0002-don-t-install-default-corosync.conf.patch 
b/patches/0001-don-t-install-default-corosync.conf.patch
similarity index 100%
rename from patches/0002-don-t-install-default-corosync.conf.patch
rename to patches/0001-don-t-install-default-corosync.conf.patch
diff --git a/patches/0003-remove-init-script.patch 
b/patches/0002-remove-init-script.patch
similarity index 100%
rename from patches/0003-remove-init-script.patch
rename to patches/0002-remove-init-script.patch
diff --git a/patches/0006-only-start-corosync.service-if-conf-exists.patch 
b/patches/0003-only-start-corosync.service-if-conf-exists.patch
similarity index 80%
rename from patches/0006-only-start-corosync.service-if-conf-exists.patch
rename to patches/0003-only-start-corosync.service-if-conf-exists.patch
index b911a77..cdc1f29 100644
--- a/patches/0006-only-start-corosync.service-if-conf-exists.patch
+++ b/patches/0003-only-start-corosync.service-if-conf-exists.patch
@@ -8,23 +8,22 @@ Content-Transfer-Encoding: 8bit
 
 Signed-off-by: Fabian Grünbichler 
 ---
- ...tart-corosync.service-if-conf-exists.patch | 28 +++
+ 

[pve-devel] [PATCH 1/4] initial Makefile

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 59 
 1 file changed, 59 insertions(+)
 create mode 100644 Makefile

diff --git a/Makefile b/Makefile
new file mode 100644
index 000..db1f7a9
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,59 @@
+VERSION=1.8
+DEBRELEASE=2
+PVERELEASE=1
+
+BUILDDIR=kronosnet-${VERSION}
+SRCARCHIVE=kronosnet_${VERSION}.orig.tar.xz
+DEBARCHIVE=kronosnet_${VERSION}-${DEBRELEASE}.debian.tar.xz
+
+ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH)
+
+MAIN_DEB=libknet1_${VERSION}-${PVERELEASE}_${ARCH}.deb
+OTHER_DEBS=\
+   libknet-dev_${VERSION}-${PVERELEASE}_${ARCH}.deb
\
+   libknet-doc_${VERSION}-${PVERELEASE}_all.deb\
+   libknet1-dbgsym_${VERSION}-${PVERELEASE}_${ARCH}.deb\
+   libnozzle1-dbgsym_${VERSION}-${PVERELEASE}_${ARCH}.deb  \
+   libnozzle1-dev_${VERSION}-${PVERELEASE}_${ARCH}.deb \
+
+DEBS=${MAIN_DEB} ${OTHER_DEBS}
+DSC=kronosnet-${VERSION}-${PVERELEASE}.dsc
+
+all: ${DEBS}
+   echo ${DEBS}
+
+${BUILDDIR}: upstream/${SRCARCHIVE} upstream/${DEBARCHIVE} patches/*
+   rm -rf ${BUILDDIR}
+   ln -sf upstream/${SRCARCHIVE} ${SRCARCHIVE}
+   tar -xf upstream/${SRCARCHIVE}
+   tar -C ${BUILDDIR} -xf upstream/${DEBARCHIVE}
+   cd ${BUILDDIR}; ln -s ../patches patches
+   cd ${BUILDDIR}; quilt push -a
+   cd ${BUILDDIR}; rm -rf .pc ./patches
+
+deb: ${DEBS}
+${OTHER_DEBS}: ${MAIN_DEB}
+${MAIN_DEB}: ${BUILDDIR}
+   cd ${BUILDDIR}; dpkg-buildpackage -b -us -uc
+
+dsc: ${DSC}
+${DSC}: ${BUILDDIR}
+   cd ${BUILDDIR}; dpkg-buildpackage -S -us -uc -d -nc
+
+download:
+   rm -rf upstream/
+   mkdir upstream
+   cd upstream; dget 
https://deb.debian.org/debian/pool/main/k/kronosnet/kronosnet_${VERSION}-${DEBRELEASE}.dsc
+   cd upstream; rm -rf *.asc *.dsc ${BUILDDIR}
+
+.PHONY: upload
+upload: ${DEBS}
+   tar cf - ${DEBS} | ssh repo...@repo.proxmox.com upload
+
+.PHONY: clean
+clean:
+   rm -rf *~ *_${ARCH}.deb *.changes *.dsc ${BUILDDIR} *.orig.tar.xz 
*.debian.tar.xz *.buildinfo
+
+.PHONY: dinstall
+dinstall: ${DEBS}
+   dpkg -i ${DEBS}
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH 4/4] bump version to 1.8-pve1

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 patches/0002-update-changelog.patch | 29 +
 patches/series  |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 patches/0002-update-changelog.patch

diff --git a/patches/0002-update-changelog.patch 
b/patches/0002-update-changelog.patch
new file mode 100644
index 000..f07e185
--- /dev/null
+++ b/patches/0002-update-changelog.patch
@@ -0,0 +1,29 @@
+From  Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= 
+Date: Wed, 22 May 2019 14:08:37 +0200
+Subject: [PATCH kronosnet] update changelog
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Fabian Grünbichler 
+---
+ debian/changelog | 8 
+ 1 file changed, 8 insertions(+)
+
+diff --git a/debian/changelog b/debian/changelog
+index 63d5a6d..b89a2b3 100644
+--- a/debian/changelog
 b/debian/changelog
+@@ -1,3 +1,11 @@
++kronosnet (1.8-pve1) pve; urgency=medium
++
++  * introduce kronosnet for PVE 6.x
++
++  * cherry-pick crypto patches for Corosync 2.x keyfile compat
++
++ -- Proxmox Support Team   Wed, 22 May 2019 14:08:15 
+0200
++
+ kronosnet (1.8-2) unstable; urgency=medium
+ 
+   * [b6a2cdc] New patch: send test: skip the SCTP test if SCTP is not 
supported
diff --git a/patches/series b/patches/series
index 7c8d1d0..bd0b3fc 100644
--- a/patches/series
+++ b/patches/series
@@ -1 +1,2 @@
 0001-cherry-pick-crypto-patches.patch
+0002-update-changelog.patch
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 08/10] build: remove libtotem-pg* from package list

[Fabian Grünbichler]

they were discontinued upstream

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/Makefile b/Makefile
index a7d3bcc..99322a2 100644
--- a/Makefile
+++ b/Makefile
@@ -20,7 +20,6 @@ 
libcorosync-common4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcpg4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libquorum5_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libsam4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-libtotem-pg5_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libvotequorum8_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcfg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcmap-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
@@ -28,7 +27,6 @@ 
libcorosync-common-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcpg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libquorum-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libsam-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-libtotem-pg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libvotequorum-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 DBG_DEBS=\
@@ -40,7 +38,6 @@ 
libcorosync-common4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcpg4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libquorum5-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libsam4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-libtotem-pg5-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libvotequorum8-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 DEBS=${MAIN_DEB} ${OTHER_DEBS} ${DBG_DEBS}
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 02/10] Makefile: replace ARCH with DEB_BUILD_ARCH

[Fabian Grünbichler]

via dpkg-dev's architecture.mk

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 68 +---
 1 file changed, 35 insertions(+), 33 deletions(-)

diff --git a/Makefile b/Makefile
index a46c0ef..2f88750 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,5 @@
+include /usr/share/dpkg/architecture.mk
+
 CSVERSION=2.4.4
 CSRELEASE=pve1
 DEBRELEASE=3
@@ -11,42 +13,42 @@ MAIN_DEB=corosync-pve_${CSVERSION}-${CSRELEASE}_all.deb
 
 OTHER_DEBS=\
 libcorosync4-pve_${CSVERSION}-${CSRELEASE}_all.deb \
-corosync_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-notifyd_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-qdevice_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-qnetd_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
+corosync_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-notifyd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-qdevice_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-qnetd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-doc_${CSVERSION}-${CSRELEASE}_all.deb \
 corosync-dev_${CSVERSION}-${CSRELEASE}_all.deb \
-libcfg6_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcmap4_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcorosync-common4_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcpg4_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libquorum5_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libsam4_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libtotem-pg5_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libvotequorum8_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcfg-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcmap-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcorosync-common-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcpg-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libquorum-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libsam-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libtotem-pg-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libvotequorum-dev_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
+libcfg6_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcmap4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcorosync-common4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcpg4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libquorum5_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libsam4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libtotem-pg5_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libvotequorum8_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcfg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcmap-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcorosync-common-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcpg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libquorum-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libsam-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libtotem-pg-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libvotequorum-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 DBG_DEBS=\
-corosync-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-notifyd-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-qdevice-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-corosync-qnetd-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcfg6-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcmap4-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcorosync-common4-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libcpg4-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libquorum5-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libsam4-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libtotem-pg5-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
-libvotequorum8-dbgsym_${CSVERSION}-${CSRELEASE}_${ARCH}.deb \
+corosync-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-notifyd-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-qdevice-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+corosync-qnetd-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcfg6-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcmap4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcorosync-common4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libcpg4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libquorum5-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libsam4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libtotem-pg5-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
+libvotequorum8-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 DEBS=${MAIN_DEB} ${OTHER_DEBS} ${DBG_DEBS}
 
@@ -86,7 +88,7 @@ download:
 
 .PHONY: upload
 upload: ${DEBS}
-   tar cf - ${DEBS} | ssh -X repo...@repo.proxmox.com -- upload --product 
pve --dist stretch --arch ${ARCH}
+   tar cf - ${DEBS} | ssh -X repo...@repo.proxmox.com -- upload --product 
pve --dist stretch --arch ${DEB_BUILD_ARCH}
 
 distclean: clean
 
-- 
2.20.1

[pve-devel] [PATCH corosync-pve 07/10] build: remove -qdevice/qnetd from package list

[Fabian Grünbichler]

they were split into their own source package in Debian Buster

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 4 
 1 file changed, 4 deletions(-)

diff --git a/Makefile b/Makefile
index ea74c94..a7d3bcc 100644
--- a/Makefile
+++ b/Makefile
@@ -13,8 +13,6 @@ 
MAIN_DEB=corosync_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 
 OTHER_DEBS=\
 corosync-notifyd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-corosync-qdevice_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-corosync-qnetd_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-doc_${CSVERSION}-${CSRELEASE}_all.deb \
 libcfg6_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcmap4_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
@@ -36,8 +34,6 @@ 
libvotequorum-dev_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 DBG_DEBS=\
 corosync-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 corosync-notifyd-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-corosync-qdevice-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-corosync-qnetd-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcfg6-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcmap4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
 libcorosync-common4-dbgsym_${CSVERSION}-${CSRELEASE}_${DEB_BUILD_ARCH}.deb \
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 04/10] download 3.0.1-2 sources

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 orig.tar.gz => corosync_3.0.1.orig.tar.gz | Bin 17827086 -> 17891449 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename corosync_2.4.4.orig.tar.gz => corosync_3.0.1.orig.tar.gz (67%)

diff --git a/corosync_2.4.4.orig.tar.gz b/corosync_3.0.1.orig.tar.gz
similarity index 67%
rename from corosync_2.4.4.orig.tar.gz
rename to corosync_3.0.1.orig.tar.gz
index 10bb2b4..05388ba 100644
Binary files a/corosync_2.4.4.orig.tar.gz and b/corosync_3.0.1.orig.tar.gz 
differ
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 10/10] bump version to 3.0.1-pve1

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 changelog.Debian | 16 
 1 file changed, 16 insertions(+)

diff --git a/changelog.Debian b/changelog.Debian
index 7aeec7f..b7aeec4 100644
--- a/changelog.Debian
+++ b/changelog.Debian
@@ -1,3 +1,19 @@
+corosync (3.0.1-pve1) pve; urgency=medium
+
+  * update to Corosync 3.0.1-2
+
+  * cherry-pick crypto changes for upgrade compatibility
+
+  * cherry-pick CPG callback joinlist merging (PR 468)
+
+  * drop transitional corosync-pve/libcorosync4-pve packages
+
+  * corosync-qdevice/corosync-qnetd are now shipped separately
+
+  * drop discontinued libtotem-pq library packages
+
+ -- Proxmox Support Team   Wed, 22 May 2019 12:40:27 +0200
+
 corosync (2.4.4-pve1) unstable; urgency=medium
 
   * update to corosync 2.4.4
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH 2/4] add upstream sources

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 upstream/kronosnet_1.8-2.debian.tar.xz | Bin 0 -> 8912 bytes
 upstream/kronosnet_1.8.orig.tar.xz | Bin 0 -> 462580 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 upstream/kronosnet_1.8-2.debian.tar.xz
 create mode 100644 upstream/kronosnet_1.8.orig.tar.xz

diff --git a/upstream/kronosnet_1.8-2.debian.tar.xz 
b/upstream/kronosnet_1.8-2.debian.tar.xz
new file mode 100644
index 000..62a8e93
Binary files /dev/null and b/upstream/kronosnet_1.8-2.debian.tar.xz differ
diff --git a/upstream/kronosnet_1.8.orig.tar.xz 
b/upstream/kronosnet_1.8.orig.tar.xz
new file mode 100644
index 000..f03a606
Binary files /dev/null and b/upstream/kronosnet_1.8.orig.tar.xz differ
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH kronosnet/corosync-pve 00/14] update to Corosync 3.x

[Fabian Grünbichler]

and package new dependency kronosnet

kronosnet:

Fabian Grünbichler (4):
  initial Makefile
  add upstream sources
  cherry-pick crypto changes
  bump version to 1.8-pve1

corosync

Fabian Grünbichler (10):
  Makefile: remove cruft
  Makefile: replace ARCH with DEB_BUILD_ARCH
  build: switch sources to 3.0.1-2
  download 3.0.1-2 sources
  rebase patches
  build: drop transitional packages
  build: remove -qdevice/qnetd from package list
  build: remove libtotem-pg* from package list
  add patches for Corosync 3.x
  bump version to 3.0.1-pve1

 changelog.Debian  |  16 +
 Makefile  |  70 +-
 ...1-add-Provides-Replaces-corosync-pve.patch |  38 -
 ...-don-t-install-default-corosync.conf.patch | 127 +++
 ...-don-t-install-default-corosync.conf.patch | 143 ---
 ...pt.patch => 0002-remove-init-script.patch} |  10 +-
 ...-Switch-to-Debhelper-compat-level-11.patch |  70 --
 ...art-corosync.service-if-conf-exists.patch} |  36 +-
 ...h => 0004-bsys-disable-augeas-tools.patch} |  50 +-
 ...rt-after-package-upgrade-is-complete.patch |  27 -
 ...-cfgtool-Improve-link-status-display.patch | 166 
 ...-Revert-init-Enable-StopWhenUnneeded.patch |  63 ++
 ...-postinst-for-restart-on-dist-upgrad.patch |  32 -
 patches/0007-add-crypto-patches.patch | 404 +
 ...ibcorosync4-pve-transitional-package.patch |  29 -
 patches/0008-CPG-callback-merging.patch   | 858 ++
 ...y-and-problematic-corosync-qdevice.i.patch |  72 --
 ...lients-about-left-nodes-during-pause.patch | 401 
 ...-control-bump-versioned-b-d-on-libqb.patch |  23 -
 orig.tar.gz => corosync_3.0.1.orig.tar.gz | Bin 17827086 -> 17891449 bytes
 patches/series|  20 +-
 21 files changed, 1720 insertions(+), 935 deletions(-)
 delete mode 100644 patches/0001-add-Provides-Replaces-corosync-pve.patch
 create mode 100644 patches/0001-don-t-install-default-corosync.conf.patch
 delete mode 100644 patches/0002-don-t-install-default-corosync.conf.patch
 rename patches/{0005-remove-init-script.patch => 
0002-remove-init-script.patch} (95%)
 delete mode 100644 
patches/0003-Revert-Switch-to-Debhelper-compat-level-11.patch
 rename patches/{0008-only-start-corosync.service-if-conf-exists.patch => 
0003-only-start-corosync.service-if-conf-exists.patch} (66%)
 rename patches/{0012-bsys-disable-augeas-tools.patch => 
0004-bsys-disable-augeas-tools.patch} (67%)
 delete mode 100644 patches/0004-restart-after-package-upgrade-is-complete.patch
 create mode 100644 patches/0005-cfgtool-Improve-link-status-display.patch
 create mode 100644 patches/0006-Revert-init-Enable-StopWhenUnneeded.patch
 delete mode 100644 
patches/0006-add-corosync-pve-postinst-for-restart-on-dist-upgrad.patch
 create mode 100644 patches/0007-add-crypto-patches.patch
 delete mode 100644 patches/0007-add-libcorosync4-pve-transitional-package.patch
 create mode 100644 patches/0008-CPG-callback-merging.patch
 delete mode 100644 
patches/0009-remove-unecessary-and-problematic-corosync-qdevice.i.patch
 delete mode 100644 
patches/0010-cpg-Inform-clients-about-left-nodes-during-pause.patch
 delete mode 100644 patches/0011-d-control-bump-versioned-b-d-on-libqb.patch
 rename corosync_2.4.4.orig.tar.gz => corosync_3.0.1.orig.tar.gz (67%)

-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 01/10] Makefile: remove cruft

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 4 
 1 file changed, 4 deletions(-)

diff --git a/Makefile b/Makefile
index 363aeb2..a46c0ef 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,3 @@
-RELEASE=5.0
-
-# source from http://www.corosync.org
-
 CSVERSION=2.4.4
 CSRELEASE=pve1
 DEBRELEASE=3
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH corosync-pve 03/10] build: switch sources to 3.0.1-2

[Fabian Grünbichler]

Signed-off-by: Fabian Grünbichler 
---
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 2f88750..786abba 100644
--- a/Makefile
+++ b/Makefile
@@ -1,8 +1,8 @@
 include /usr/share/dpkg/architecture.mk
 
-CSVERSION=2.4.4
+CSVERSION=3.0.1
 CSRELEASE=pve1
-DEBRELEASE=3
+DEBRELEASE=2
 CSDIR=corosync-${CSVERSION}
 CSSRC=corosync_${CSVERSION}.orig.tar.gz
 
-- 
2.20.1


___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH manager] ui: migrate: refactor migrate window & add migration with local disks

[Tim Marx]

This patch depends on the patches in qemu in this series:
f5677b949dfc3d8ffc317357ff31a2e7f9c86bc7
20bccadf52b34877a5e772111b243e5adc26b4a3

This patch refactors the migrate ui to incoperate the viewmodel approach
which should help if we need to add functionality in future iterations.
Additionally it is now possible to migrate with local disks.

Signed-off-by: Tim Marx 
---
 www/manager6/window/Migrate.js | 383 ++---
 1 file changed, 280 insertions(+), 103 deletions(-)

diff --git a/www/manager6/window/Migrate.js b/www/manager6/window/Migrate.js
index 9395a97f..30789212 100644
--- a/www/manager6/window/Migrate.js
+++ b/www/manager6/window/Migrate.js
@@ -1,76 +1,267 @@
+/*jslint confusion: true*/
 Ext.define('PVE.window.Migrate', {
 extend: 'Ext.window.Window',

-config: {
-   vmtype: undefined,
-   nodename: undefined,
-   vmid: undefined
+
+vmtype: undefined,
+nodename: undefined,
+vmid: undefined,
+
+viewModel: {
+   data: {
+   vmid: undefined,
+   nodename: undefined,
+   vmtype: undefined,
+   running: false,
+   qemu: {
+   onlineHelp: 'qm_migration',
+   commonName: 'VM'
+   },
+   lxc: {
+   onlineHelp: 'pct_migration',
+   commonName: 'CT'
+   },
+   migration: {
+   possible: true,
+   preconditions: [],
+   'with-local-disks': 0,
+   mode: undefined,
+   allowedNodes: undefined
+   }
+
+   },
+
+   formulas: {
+   setMigrationMode: function(get) {
+   if (get('running')){
+   if (get('vmtype') === 'qemu') {
+   return gettext('Online');
+   } else {
+   return gettext('Restart Mode');
+   }
+   } else {
+   return gettext('Offline');
+   }
+   },
+   setStorageselectorHidden: function(get) {
+   if (get('migration.with-local-disks') && get('running')) {
+   return false;
+   } else {
+   return true;
+   }
+   }
+   }
 },
- // private, used to store the migration mode after checking if the guest runs
-liveMode: undefined,

 controller: {
xclass: 'Ext.app.ViewController',
control: {
'panel[reference=formPanel]': {
validityChange: function(panel, isValid) {
-   this.lookup('submitButton').setDisabled(!isValid);
+   this.getViewModel().set('migration.possible', isValid);
+   this.checkMigratePreconditions();
}
-   },
-   'button[reference=submitButton]': {
-   click: function() {
-   var me = this;
-   var view = me.getView();
-
-   var values = me.lookup('formPanel').getValues();
-   var params = {
-   target: values.target
-   };
-
-   if (view.liveMode) {
-   params[view.liveMode] = 1;
+   }
+   },
+
+   init: function(view) {
+   var me = this,
+   vm = view.getViewModel();
+
+   if (!view.nodename) {
+   throw "missing custom view config: nodename";
+   }
+   vm.set('nodename', view.nodename);
+
+   if (!view.vmid) {
+   throw "missing custom view config: vmid";
+   }
+   vm.set('vmid', view.vmid);
+
+   if (!view.vmtype) {
+   throw "missing custom view config: vmtype";
+   }
+   vm.set('vmtype', view.vmtype);
+
+
+   view.setTitle(
+   Ext.String.format('{0} {1}{2}', gettext('Migrate'), 
vm.get(view.vmtype).commonName, view.vmid)
+   );
+   me.lookup('proxmoxHelpButton').setHelpConfig({
+   onlineHelp: vm.get(view.vmtype).onlineHelp
+   });
+   me.checkMigratePreconditions();
+   me.lookup('formPanel').isValid();
+
+   },
+
+   onTargetChange: function (nodeSelector) {
+   //Always display the storages of the currently seleceted migration 
target
+   
this.lookup('pveDiskStorageSelector').setNodename(nodeSelector.value);
+   },
+
+   startMigration: function() {
+   var me = this,
+   view = me.getView(),
+   vm = me.getViewModel();
+
+   var values = me.lookup('formPanel').getValues();
+   var params = {
+   target: values.target
+   };
+
+   if (vm.get('migration.mode')) {
+   params[vm.get('migration.mode')] = 1;
+   }
+   if (vm.get('migration.with-local-disks')) {
+   params['with-local-disks'] = 1;
+   }
+   

[pve-devel] [PATCH qemu 2/3] add sub for local disks check

[Tim Marx]

Signed-off-by: Tim Marx 
---
 PVE/API2/Qemu.pm | 45 +
 1 file changed, 45 insertions(+)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index a771a1a..fa4ff63 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3141,6 +3141,51 @@ __PACKAGE__->register_method({
return PVE::QemuConfig->lock_config($vmid, $updatefn);
 }});
 
+my $check_vm_disks_local = sub {
+my ($storecfg, $vmconf, $vmid) = @_;
+
+my $local_disks = {};
+
+my @sids = PVE::Storage::storage_ids($storecfg);
+
+# check each storage for disks, even if they aren't referenced in VM config
+foreach my $storeid (@sids) {
+   my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
+   next if $scfg->{shared};
+   next if !PVE::Storage::storage_check_enabled($storecfg, $storeid, 
undef, 1);
+
+   # get list from PVE::Storage (for unused volumes)
+   my $dl = PVE::Storage::vdisk_list($storecfg, $storeid, $vmid);
+   next if @{$dl->{$storeid}} == 0;
+
+   PVE::Storage::foreach_volid($dl, sub {
+   my ($volid, $sid, $volname) = @_;
+   $local_disks->{$volid} = $volname;
+   });
+}
+
+# add some more information to the disks e.g. cdrom
+PVE::QemuServer::foreach_volid($vmconf, sub {
+   my ($volid, $attr) = @_;
+
+   my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, 1);
+   if ($storeid) {
+   my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
+   return if $scfg->{shared};
+   }
+   # The shared attr here is just a special case where the vdisk
+   # is marked as shared manually
+   return if $attr->{shared};
+   return if $attr->{cdrom} and $volid eq "none";
+
+   if (exists $local_disks->{$volid}) {
+   @{$local_disks->{$volid}}{keys %$attr} = values %$attr
+   } else {
+   $local_disks->{$volid} = $attr;
+   # ensure volid is present in case it's needed
+   $local_disks->{$volid}->{volid} = $volid;
+   }
+});
 __PACKAGE__->register_method({
 name => 'migrate_vm',
 path => '{vmid}/migrate',
-- 
2.11.0

___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH qemu 3/3] add migration precondition api endpoint

[Tim Marx]

Signed-off-by: Tim Marx 
---
 PVE/API2/Qemu.pm | 96 
 1 file changed, 96 insertions(+)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index fa4ff63..47dd2d4 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3186,6 +3186,102 @@ my $check_vm_disks_local = sub {
$local_disks->{$volid}->{volid} = $volid;
}
 });
+
+return $local_disks;
+};
+
+__PACKAGE__->register_method({
+name => 'migrate_vm_precondition',
+path => '{vmid}/migrate',
+method => 'GET',
+protected => 1,
+proxyto => 'node',
+description => "Get preconditions for migration.",
+permissions => {
+   check => ['perm', '/vms/{vmid}', [ 'VM.Migrate' ]],
+},
+parameters => {
+   additionalProperties => 0,
+   properties => {
+   node => get_standard_option('pve-node'),
+   vmid => get_standard_option('pve-vmid', { completion => 
\::QemuServer::complete_vmid }),
+   target => get_standard_option('pve-node', {
+   description => "Target node.",
+   completion =>  \::Cluster::complete_migration_target,
+   optional => 1,
+   }),
+   },
+},
+returns => {
+   type => "object",
+   properties => {
+   running => { type => 'boolean' },
+   allowed_nodes => {
+   type => 'array',
+   optional => 1,
+   description => "List nodes allowed for offline migration with 
same local storage as source node, only passed if VM is offline"
+   },
+   local_disks => {
+   type => 'array',
+   description => "List local disks including CD-Rom, unsused and 
not referenced disks"
+   },
+   local_resources => {
+   type => 'array',
+   description => "List local resources e.g. pci, usb"
+   }
+   },
+},
+code => sub {
+   my ($param) = @_;
+
+   my $rpcenv = PVE::RPCEnvironment::get();
+
+   my $authuser = $rpcenv->get_user();
+
+   PVE::Cluster::check_cfs_quorum();
+
+   my $res = {};
+
+   my $vmid = extract_param($param, 'vmid');
+   my $target = extract_param($param, 'target');
+   my $localnode = PVE::INotify::nodename();
+
+
+   # test if VM exists
+   my $vmconf = PVE::QemuConfig->load_config($vmid);
+   my $storecfg = PVE::Storage::config();
+
+
+   # try to detect errors early
+   PVE::QemuConfig->check_lock($vmconf);
+
+   $res->{'running'} = PVE::QemuServer::check_running($vmid) ? 1:0;
+
+   # if vm is not running, return target nodes where local storage is 
available
+   # for offline migration
+   if (!$res->{'running'}) {
+   my $shared_nodes = PVE::QemuServer::shared_nodes($vmconf, 
$storecfg);
+
+   delete $shared_nodes->{$localnode} if $shared_nodes->{$localnode};
+
+   my @allowed_nodes = keys %$shared_nodes;
+   $res->{'allowed_nodes'} = \@allowed_nodes;
+   }
+
+
+   my $local_disks = &$check_vm_disks_local($storecfg, $vmconf, $vmid);
+   my @local_disks_array = values %$local_disks;
+   $res->{'local_disks'} = \@local_disks_array;
+
+   my $local_resources =  PVE::QemuServer::check_local_resources($vmconf, 
1);
+
+   $res->{'local_resources'} = $local_resources;
+
+   return $res;
+
+
+}});
+
 __PACKAGE__->register_method({
 name => 'migrate_vm',
 path => '{vmid}/migrate',
-- 
2.11.0

___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH qemu 1/3] whitespace cleanup

[Tim Marx]

Signed-off-by: Tim Marx 
---
 PVE/API2/Qemu.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index a628a20..a771a1a 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3156,7 +3156,7 @@ __PACKAGE__->register_method({
properties => {
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid', { completion => 
\::QemuServer::complete_vmid }),
-   target => get_standard_option('pve-node', { 
+   target => get_standard_option('pve-node', {
description => "Target node.",
completion =>  \::Cluster::complete_migration_target,
 }),
@@ -3414,7 +3414,7 @@ __PACKAGE__->register_method({
my (undef, undef, undef, undef, undef, undef, $format) =
PVE::Storage::parse_volname($storecfg, $drive->{file});
 
-   die "can't resize volume: $disk if snapshot exists\n" 
+   die "can't resize volume: $disk if snapshot exists\n"
if %{$conf->{snapshots}} && $format eq 'qcow2';
 
my $volid = $drive->{file};
@@ -3601,7 +3601,7 @@ __PACKAGE__->register_method({
 
my $realcmd = sub {
PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid: 
$snapname");
-   PVE::QemuConfig->snapshot_create($vmid, $snapname, 
$param->{vmstate}, 
+   PVE::QemuConfig->snapshot_create($vmid, $snapname, 
$param->{vmstate},
 $param->{description});
};
 
-- 
2.11.0

___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] LDAP integration with G Suite?

[Dominik Csapak]

On 5/22/19 3:16 AM, Victor Hooi wrote:

Hi,


Hi,



I'm interested in getting Proxmox's LDAP integrated with the Secure LDAP
feature from G Suite.

Does anybody know how difficult this would be, or what would be involved?


As far as i can see from their guide[0], this should generally work
out of the box if you add an ldap realm in pve with the provided
credentials/login data.

You still have to add the specific users to pve by hand (as with all 
realms) and assign permissions to them.




Is there any provision for some kind of feature bounty with the Proxmox
team, which we could contribute to?


Not that i know of, but patches are always welcome :)



Regards,
Victor


I hope i could help

Regards, Dominik

0: https://support.google.com/a/answer/9089736

___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel